TouchID: a technological advancement or a security flaw?

490

With all of the sensitive data that smartphone users store on their devices, it is important to have some sort of security.
In a security briefing about iPhones, Apple stated that more than 50 percent of iPhone users do not use the passcode feature.
This presents a major security risk for those users because their data is thus liable to being stolen or viewed by unwanted parties. If an iPhone thief gets a phone without a passcode, the device can be restored and all of your data erased easily.
That being said, it is essential to have some sort of security on your device whether it is Apple, Android or a different smartphone.
When Apple introduced the iPhone 5S on Sept. 20, they added numerous internal part improvements and introduced a flagship feature called TouchID. This improvement to the home button allows the user to scan their fingerprint(s) to gain entry to their 5S.
This method of security is much quicker than typing a passcode and more secure than a four digit numeric passcode.
Naturally, questions began to arise about the overall security of using your fingerprint to unlock a device. Apple responded to scrutiny of their storage of fingerprint data by showing that an actual fingerprint image is not saved.
Instead, the 5S saves a mathematical representation of your fingerprint that is not possible to be reimaged into a photo of your print.
Furthermore, the 5S utilizes a Security Enclave that separates the mathematical representation of your fingerprint from the A7 processing chip and the rest of the iOS software.
No other apps can access your fingerprint data and Apple servers do not remotely upload your data. The only biometric software that can access your finger's representation is TouchID.
Apple stated "Security is only as secure as its weakest point" and the company will strive to keep the level of security in this software extremely high for its users.
Within five days of the 5S release, a German group of hackers known as the Chaos Computer Club, took credit for bypassing the biometric security of the TouchID and hacked into an iPhone 5S.
The hacker known as Starbug did this by taking a fingerprint off of the back of a test iPhone 5S and printing it to paper. The print was then transcribed to a circuit board and after several chemical applications a dummy print had emerged. Starbug stated that the hack took roughly 30 hours to gain access and that the average iPhone thief would not be able to pull off such a complex technologic process.
I have a firm belief in Apple's statements that they do not save fingerprint data to their servers and that this data is only saved locally.
Flaws exist in many security systems these days and are no stranger to iOS. However, Apple is able to update their software over the air and will continue to do so as flaws are presented.
The company is known for quickly addressing problems and I expect them to continue this trend. I'm glad that Apple is straightforward with their security procedures because several government security agencies must be licking their lips over the thought of acquiring this fingerprint data.
Bonus iOS tip for the greek population at DePauw: you can now use the greek alphabet in your text passcode.

- Mote is a sophomore from Indianapolis, Ind. whose major is undecided.